skip navigation

More signal. Less noise.

Daily briefing.

The US, late Friday, officially attributed election-related email hacking to Russia's government. A joint statement by the Office of the Director of National Intelligence and the Department of Homeland Security said the Intelligence Community was confident the operation could only have been authorized at the Russian government's highest levels. This opens a more confrontational phase in what observers generally regard as the Cold War redivivus. The US indicated it will take steps to protect itself "at a time and place of our choosing." Observers expect more anti-Russian sanctions.

Russian officials dismiss the attribution as "rubbish" designed to inflame anti-Russian hysteria. (It's also rubbish, Foreign Minister Lavrov says, to think Snowden was a Russian agent.) In the US Presidential campaign, candidate Clinton says Russia's trying to throw the election to Trump; candidate Trump says it's unclear Russia's behind election-related hacks, and that Clinton belongs in jail for mishandling classified material.

WikiLeaks posted 2050 emails purporting to be from candidate Clinton's campaign manager, John Podesta. They look generally discreditable, as leaked emails usually do.

The International Atomic Energy Agency reports that an unnamed nuclear plant sustained a successful cyberattack two to three years ago.

Imperva says the Mirai botnet was both "territorial" (disabling competing malware on infected systems) and selective (avoiding IP addresses belonging to the US Department of Defense, General Electric, and HP). Recent distributed denial-of-service campaigns move the European Union to advance work toward IoT security standards.

The FBI wants another iPhone unlocked, this one belonging to Minnesota's mall-stabbing terrorist.

Notes.

Today's issue includes events affecting Australia, Brazil, China, Colombia, India, Iraq, Israel, Republic of Korea, Libya, Mexico, Romania, Russia, Syria, Taiwan, Turkey, United Arab Emirates, United Kingdom, United States and Vietnam.

A note to our readers: We're two weeks into National Cyber Security Awareness Month in the United States. The theme this week is, "From the Break Room to the Boardroom: Creating a Culture of Cybersecurity in the Workplace."

The CyberWire's regular daily Podcast will be out later this afternoon, with interviews, educational tips, and more on the stories of the day. Today we hear from Level 3's Dale Drew, who will discuss election hacking concerns. Our guest, Smrithi Konanur of HPE Data Security, will talk about credit card security. If you enjoy the podcast, please consider giving it an iTunes review.

Tech Talk: Blockchain & Bitcoin (Laurel, Maryland, USA, October 17, 2016) Join Novetta and Chainanalysis at Jailbreak Brewery to learn about Bitcoin, a digital currency, and Blockchain, the technology that makes it all work. Rub elbows with like-minded techies and enjoy ice cold beer - Don’t miss out.

Cyber Security Summit (Los Angeles, California, USA, October 20, 2016) Senior-level executives are invited to learn about the latest threats and solutions in cyber security from experts from the U.S. Dept. of Justice, Darktrace, IBM and more. Use promo code cyberwire50 for a 50% off (Regular price $250).

Cyber Attacks, Threats, and Vulnerabilities

U.S. Formally Accuses Russia of Stealing D.N.C. Emails (New York Times) The Obama administration on Friday formally accused the Russian government of stealing and disclosing emails from the Democratic National Committee and from a range of prominent individuals and institutions, immediately raising the issue of whether President Obama will seek sanctions or other retaliation for the cyberattacks

United States Accuses Russia of Using Hacking to Meddle in Election (Foreign Policy) The U.S. intelligence community now says it’s “confident” the Russian government “directed” recent hacks into the computer systems of American political groups to interfere with the U.S. election — an explosive charge that security researchers have been making for months

Joint Statement from the Department of Homeland Security and Office of the Director of National Intelligence on Election Security (Office of the Director of National Intelligence) The U.S. Intelligence Community (USIC) is confident that the Russian Government directed the recent compromises of e-mails from US persons and institutions, including from US political organizations

Moscow says U.S. cyber attack claims fan 'anti-Russian hysteria' (Reuters) U.S. accusations that Russia was responsible for cyber attacks against Democratic Party organizations lack any proof and are an attempt by Washington to fan "unprecedented anti-Russian hysteria", the Foreign Ministry in Moscow said

The Trail of Russian Hackers, Putin's Revenge in Siberia (NBC News) This Soviet-era industrial city with a population of roughly 200,000 in Siberia is hardly an obvious place to be connected to a cyber attack on the American election system

Clinton says Russian attempts to influence elections are meant to help Trump (CNBC) Hillary Clinton said that attempts by the Kremlin to influence the U.S. presidential election are designed to help Donald Trump, whom she accused of being close to Russian strongman Vladimir Putin

Trump denies Russia behind attack, despite fed investigation saying otherwise (The Hill) Republican nominee Donald Trump disputed that Russia was behind high-profile data breaches of Democratic groups during Sunday night's presidential debate, despite the federal investigation reaching the opposite conclusion

Trump: Clinton should be jailed because of e-mail scandal (Ars Technica) Clinton's e-mail, Russian hacking emerge even amid Trump's comments about women

EXCLUSIVE: New Email Leak Reveals Clinton Campaign’s Cozy Press Relationship (Intercept) Internal strategy documents and emails among Clinton staffers shed light on friendly and highly useful relationships between the campaign and various members of the U.S. media, as well as the campaign’s strategies for manipulating those relationships

Apple Watch banned from UK cabinet meetings over Russian hacker fears (Ars Technica) Smartphones and tablets were already barred in fear of foreign eavesdroppers

Turkey blocks cloud sites following huge data dump of stolen email (Naked Security) Hackers from a left-wing group known as RedHack recently claimed to have got into three different email accounts belonging to Turkey’s Energy Minister, Berat Albayrak

ISIS Media Output Drops as Military Pressure Rises, Report Says (New York Times) The vaunted propaganda operations of the Islamic State, which helped lure more than 30,000 foreign fighters to Syria and Iraq, have dropped off drastically as the extremist group has come under military pressure, according to a study by terrorism researchers at West Point

Number of suicide attacks claimed by the Islamic State dipped in September (Long War Journal) The Islamic State’s Amaq News Agency claims that the group launched 53 “martyrdom operations” in Iraq and Syria during the month of September. The figure was first published on an Arabic infographic (seen above) that was released by Amaq on Oct. 6

NSA could put undetectable “trapdoors” in millions of crypto keys (Ars Technica) Technique allows attackers to passively decrypt Diffie-Hellman protected data

Security bod to MSFT: PowerShell's admin-lite scheme is an open door (Register) Too much admin turns out to be barely enough

Breaking Down Mirai: An IoT DDoS Botnet Analysis (Incapsula Blog) By now many of you have heard that on September 13, 2016, the website of renowned security journalist Brian Krebs was hit with one of the largest distributed denial of service attacks (DDoS) to date

Insecure security cameras, DVRs behind huge DDoS botnet (IT World Canada) Content delivery network Akamai has been under the microscope lately for seemingly abandoning security writer Brian Krebbs, whose site suffered a huge distributed denial of service attack last month

StrongPity APT Emerges with Trojanized Crypto-tools (Infosecurity Magazine) The StrongPity APT has resurfaced, with a focus on users of encryption tools

The DXXD Ransomware displays Legal Notice before Users Login (Bleeping Computer) Since the end of September, the DXXD Ransomware has been targeting servers and encrypting their files

Odin ransomware: How to protect the system? (Trojan Killer) Odin is yet of one ransomware. Security experts claim it is a new version of Locky ransomware

Businesses must prepare for expected rise in ransomware attacks, say experts (Out-Law) Businesses must prepare themselves for an expected surge in the number of so-called 'ransomware' attacks

Researcher finds flaws in industrial control devices (SC Magazine) A number of vulnerabilities found in an industrial automation device could allow hackers to take control of machinery

IAEA chief: Nuclear power plant was disrupted by cyber attack (Rueters via Yahoo!) A nuclear power plant became the target of a disruptive cyber attack two to three years ago, and there is a serious threat of militant attacks on such plants, the head of the United Nations nuclear watchdog said on Monday

Threat of cyber attack on nuclear stations rising, council warns (Global Construction Review) Countries must raise their game in combatting cyber attacks on nuclear and other energy infrastructure or face economic damage and threats to public safety, a report has warned

The NERC CIPs continue to expose the grid to significant cyber vulnerabilities even after the Ukrainian hack (Control Global) As mentioned many times, the NERC CIP process has many exceptions that make the NERC CIP process less rigorous and comprehensive than many people have been led to believe

Hackers Launch 133K+ Cyberattacks At G20 Summit (PYMNTS) The G20 Summit, a global economic leadership forum attended by world leaders from 20 major economies, experienced an onslaught of malicious cyberattacks during this year’s event, which took place Sept. 3–6

Hurricane Matthew: South Carolina Officials Say Emails with Flooding Info a Cyber Threat (Charleston Patch) South Carolina Gov. Nikki Haley said the situation began overnight

100+ online shops compromised with payment data-stealing code (Help Net Security) Since March 2016 (and possibly even earlier), someone has been compromising a variety of online shops and injecting them with malicious JavaScript code that exfiltrates payment card and other kinds of information users entered to pay for their shopping

Michigan Card Issuer Blocks Payments at Wendy's (BankInfo Security) A bold PR move, But will it help prevent fraud?

12-year-old gets €100,000 Google bill after confusing AdWords and AdSense (Naked Security) The kid had a plan: put up some music videos of his band on YouTube, plug into Google’s AdSense program to run ads alongside, make enough money to buy instruments, play music, get rich and go buy a mansion

Security Patches, Mitigations, and Software Updates

Microsoft rejigs Patch Wednesday with new update structure (IT News) Windows administrators will have new patching options from this Wednesday as Microsoft drastically changes how it provides monthly security and operating system fixes

Microsoft fleshes out seismic change to Windows patching (Computerworld) Elaborates on how this month's Windows 7 and Windows 8.1 updates will be packaged and delivered

Cyber Trends

Artificial intelligence-powered malware is coming, and it's going to be terrifying (Business Insider) Imagine you've got a meeting with a client, and shortly before you leave, they send you over a confirmation and a map with directions to where you're planning to meet

Why attaching security to each piece of data is critical (Help Net Security) Following in Edward Snowden’s footsteps, yet another NSA contractor has leaked highly classified trade secrets and government information. My question to you: Are we really all that surprised?

‘Security Fatigue’ Can Cause Computer Users to Feel Hopeless and Act Recklessly, New Study Suggests (NIST) After updating your password for the umpteenth time, have you resorted to using one you know you’ll remember because you’ve used it before? Have you ever given up on an online purchase because you just didn’t feel like creating a new account

APRA: Almost half of insurers suffer cyber attack (Insurance Business) A survey compiled by Australian Prudential Regulation Authority (APRA) has found that 46% of insurers have suffered a cyberattack serious enough to warrant attention of executive managers

Tripwire Study: Only 33 Percent of Organizations Have Endpoint Security Strategy (BusinessWire) Tripwire, Inc., a leading global provider of security and compliance solutions for enterprises and industrial organizations, today announced the results of an extensive Tripwire study conducted by Dimensional Research

How your superannuation could be at risk of cyber attack (Starts at 60) A survey into cyber attacks on financial institutions has found the superannuation industry is most at risk, putting your retirement savings at risks of serious cyber attacks

Marketplace

Enterprise multi-factor authentication market to cross $1 billion this year (Help Net Security) Evolving cyber threats contribute to hundreds of millions of dollars in losses for businesses each year due to compromised credentials and data breaches

In quest for better AI, tech companies gobble up smaller companies: Study (CNBC) Tech giants are hungry for artificial intelligence

Cisco, Palo Alto, Symantec Gear Up For Cloud Cybersecurity (Nasdaq) Cloud computing is reshaping the market for network security technologies

Verizon CEO Says Evaluating Whether Yahoo Hack Had ‘Material Impact’ (Wall Street Journal) Lowell McAdam still sees Yahoo as ‘a real value asset’

Verizon Reportedly Demands $1B Yahoo Discount After Breach (BankInfo Security) But breached businesses typically face few long-term repercussions

Would You Buy Yahoo for $4.8 Billion? How ’bout $3.8 Billion? (Sys-Con Media) When Verizon agreed to purchase Yahoo for $4.8 billion, it was the right price

Another NSA Breach Hits Booz Allen. Will Anything Change? (Bloomberg) Booz Allen Hamilton Holding Corp. is once again at the center of a major U.S. intelligence breach

A Botched NSA Leak... and an Investment Opportunity? (Investment U) At this point it seems every Booz-related NSA leak is a buying opportunity. And there was just another one

Thycotic Delivers Strongest Quarter in the Company's History Adding More Than 200 New Customers (PRNewswire) Company posts 77 percent compound annual growth rate in Q3 and continues streak of profitability

Palo Alto Networks Teams Up with Cyber Security Agency of Singapore to Strengthen the Nation's Cyber Defense (Stockhouse) Provides CSA the intelligence on sophisticated cyberthreats. Introduces its first education drive at GovWare, developed in conjunction with the CSA. Appoints first APAC representative to the Palo Alto Networks Public Sector Advisory Council

Startup Tanium Aiming to Address 'Prosaic' Cyber Attacks (The Street) Tanium co-founder and CEO Orion Hindawi believes the computer security industry continues to fail its market

Want a sure-fire well-paid job? Train to fight computer hackers (Miami Herald) Want a career with zero chances of going jobless?

Cyber firm wins award five consecutive times (Daily News) A cyber security firm, Sophos has once again been positioned in the lead on “Magic Quadrant for Unified Threat Management” award

Securonix signs HANDD Business Solutions to continue its expansion in the UK (ResponseSource) Data protection specialist uses pioneering user behaviour analytics cyber security platform to combat Insider Threat challenge

AI-Based Cyber-Security Firm Cylance Attracts Ex-Dell CISO and Distribution (IT Europa) Cylance VP and Ambassador-at-large John McClurg is in positive mood

Products, Services, and Solutions

Zentera Systems Announces IP Portfolio Expansion for its CoIP Platform that Enables Security Across Cloud and Enterprise Datacenters (PRNewswire) Zentera Systems, Inc., the leader in multicloud networking and security, announced today that its IP portfolio now includes a Secure Virtual Network Platform patent and two additional registered trademarks: CoIP® and Cloud Over IP®

Menlo Security's Malware Isolation Wins Innovation Award (eWeek) The patented technology is simple to deploy, requires no endpoint software or plug-ins and delivers a 100 percent secure and completely native user experience

CETECOM further extends Visa type approval testing portfolio in the US (Presse Box) CETECOM is now accredited to perform Visa Paywave Contactless Type Approval Testing in our US laboratory in Milpitas, California

India Post's New Bank: Building in Security (InfoRisk Today) Postal Service reaching out to 'unbanked'; awareness key challenge

Nyotron brings cloud-based cyber defence service to military, government (IHS Jane's 360) Israeli cyber specialist Nyotron has revealed details of novel technology now available to government agencies to defeat cyber threats following its initial development for the commercial sector

Technologies, Techniques, and Standards

Europe to Push New Security Rules Amid IoT Mess (KrebsOnSecurity) The European Commission is drafting new cybersecurity requirements to beef up security around so-called Internet of Things (IoT) devices such as Web-connected security cameras, routers and digital video recorders (DVRs)

Steps to developing secure IoT products (Help Net Security) IoT is broad ranging, and the pace of change and innovation is fast

Is it really a good idea to scam the scammers? (Naked Security) When scammers come calling, the temptation is to try and turn the tables on them. Some experts actually do, but is it a good idea for would-be vigilantes to follow suit?

Components of an effective vulnerability management process (Help Net Security) Vulnerabilities continue to grab headlines. Whether it is a zero-day that affects “tens of millions” servers around the globe or an old unpatched flaw that leads to a data compromise, we will keep reading about them

No more guilt about your lack of innovation in administrative IT (Help Net Security) Helpdesks are mired in mundane tasks that are repeated every day – password resets, user account access and account creations, just to name a few

Reviewing File Transfer Protocol Healthcare Cybersecurity Risks (HealthITSecurity) The SANS Institute provides important guidelines that healthcare organizations should follow when it comes to maintaining healthcare cybersecurity with file transfer protocol

New phone app tracks forced disappearances in Egypt (Cortez Journal) Opponents of the Egyptian government seem to just vanish

A CISO, consultant and infosec vendor nail down cybersecurity best practice lists (Healthcare IT News) A triptych of experts share insights and advice about cyberthreat intelligence sharing, plotting a security strategy and safeguarding data against attacks

Design and Innovation

Google wants to revamp public Wi-Fi networks, but what about security? (Help Net Security) William Shakespeare once wrote, “the eyes are the windows to your soul,” but if you ask savvy retailers, they might say it’s guest Wi-Fi

Why AI Makes It Hard to Prove That Self-Driving Cars Are Safe (IEEE Spectrum) Car manufacturers will have difficulty demonstrating just how safe self-driving vehicles are because of what’s at the core of their smarts: machine learning

Research and Development

Even the US military is looking at blockchain technology—to secure nuclear weapons (Quartz) Blockchain technology has been slow to gain adoption in non-financial contexts, but it could turn out to have invaluable military applications

NYU Abu Dhabi engineers seek to make cities more secure (Nation) The UAE is hardening its critical infrastructure against hacking with plans to test the security of electronic chips used to operate everything from a city’s power grid to phones, satellites, aviation, and medical and military applications

Academia

Training Cyber Warriors in Virginia (WVTF) The number of devices that are now connected to the Internet far exceeds the number of people on the planet

Legislation, Policy, and Regulation

The cold war past haunts our electronic future (Financial Times) Russians have always believed that the real value of cyber is psychological warfare and influence

US may use sanctions to punish Russia for election hacking (CSO) A Republican lawmaker will propose legislation to go after the country's cyber criminals

US “Writing Playbook” On Response To Russia For Hacking Into DNC (BuzzFeed) “This isn’t espionage anymore,” said one former official. “They are now actively trying to disrupt the elections”

U.S. Vows Response to Russian Hack at 'Time and Place of our Choosing' (SecurityWeek) Directly accusing Russia of trying to manipulate the 2016 US presidential election, the United States on Friday issued a stark warning that it would act when it wants to protect its interest

What's Obama's next move after blaming Moscow for hacks? (Christian Science Monitor Passcode) Now that the Homeland Security and the Office of the Director of National Intelligence officially accused the Russian government of conducting cyberattacks on US political targets, will the administration retaliate?

Get Help to Secure Election, US Urges Local Officials (Voice of America) Federal officials are urging local election agencies to contact the Department of Homeland Security to receive help with cybersecurity before the November 8 election

INSA Intelligence and National Security Alliance : Calls for Swift Action to Modernize Security Processes (4-Traders) INSA President Chuck Alsup issued the following statement today: Media reports Wednesday of yet another criminal mishandling of classified materials, if true, are greatly troubling and underscore the urgent need for fundamental security reform and modernization efforts

NSA Compliance and Congress’s Plan: How to Account for Flaws in the Metadata Program? (Lawfare) In the extraordinary transparency that followed Edward Snowden’s 2013 revelations, one tantalizing mystery remained: how did the NSA persist until early 2009 in querying metadata under the now-replaced section 215 program with search terms (“identifiers”) that lacked a key requirement imposed by the Foreign Intelligence Surveillance Court (FISC)?

Ron Wyden Discusses Encryption, Data Privacy and Security (New York Times) After Apple and the F.B.I. made their battle over encryption public in February, members of Congress quickly jumped into the debate. Some lawmakers promised new rules that would give authorities more access to smartphones, while others promised to fight off those laws

Crypto Wars: Why the Fight to Encrypt Rages On (PC Magazine) We talked to several experts in the field to help us understand the many facets of encryption

What would a CYBERCOM-NSA split mean? (C4ISRNET) Much has been made over the discussions surrounding a potential separation of the National Security Agency and US Cyber Command

What would an independent Cyber Command look like? (C4ISRNET) Top decision-makers in the government continue to debate the merits of splitting the National Security Agency and US Cyber Command. If this divorce occurs, what would an independent CYBERCOM look like?

The Deck Chairs Matter (Taps for the IAD and the Rule of Law) (Morning Consult) The time has come to play taps for the vaunted defensive arm of the National Security Agency, the Information Assurance Directorate (known among cyber peeps as IAD)

CYBERCOM: Getting the right ‘wetware’ (Federal Times) When officials consider U.S. Cyber Command’s critical cybersecurity mission, the conversation typically focuses on the state of its technology

UK Stands Up GCHQ National Cyber Security Center in London (GovInfo Security) But Brexit may down Europol and intelligence-sharing efforts

Israel ready to assist India with a comprehensive and effective cyber security plan (Economic Times) Israel is ready to assist India with a comprehensive and effective cyber security plan to counter threats from industrial hackers as well as extremist groups, according to Col Ram Dor, noted cyber security expert from the West Asian nation

Litigation, Investigation, and Law Enforcement

Arrested NSA contractor may have hoarded secrets to work from home (Ars Technica) Investigators still haven't found evidence that he leaked classified material to anyone

Our say: In online wars, front lines can be anywhere (Capital Gazette) A mystery solved: Some residents of Glen Burnie now know what was happening on Aug. 27, when two dozen armed FBI agents rushed into their neighborhood, blocking off streets

White House Coordinated on Clinton Email Issues, New Documents Show (Wall Street Journal) Emails obtained by the Republican National Committee find close contact with Hillary Clinton’s nascent presidential campaign in early 2015

US Claims of Russia Employing Snowden 'Nonsense' (Sputnik News) Russian Foreign Minister Sergey Lavrov called US accusations of Russia employing former National Security Agency (NSA) contractor Edward Snowden "just nonsense"

Subpoena to Encrypted App Provider Highlights Overbroad FBI Requests for Information (Intercept) A recently revealed grand jury subpoena shows that the FBI is likely continuing to ask companies for more information than the law allows, according to technology and privacy attorneys interviewed by The Intercept

Terror suspect's locked iPhone could lead to a second Apple-FBI showdown (CSO) This is gonna keep happening

ISIS suspect charged with researching encryption, encrypting website (Help Net Security) A man from Cardiff, Wales, has been charged with six terrorism-related charges, including one that involves actions that are not usually considered illegal: researching encryption software, publishing instructions on how to use it, and encrypting a website

German spy chief says Syrian suspect targeted Berlin airports (Reuters) The head of Germany's domestic intelligence agency (BfV) said a Syrian suspect arrested on Monday was building a bomb and probably planned to attack one of the airports in Berlin

Alleged JPMorgan Hacker Detained in Moscow (Infosecurity Magazine) A US citizen wanted in connection with the massive stock manipulation scheme linked to the breach of over 100 million JPMorgan Chase and other customer records is reportedly in a Russian jail for illegal immigrants

Appeals court restores previously-dismissed surveillance lawsuit (Ars Technica) 3rd Circuit gives Elliott Schuchardt new, albeit slim, chance to beat the gov't

Cybersecurity Whistleblowing Is Murkier Than You May Think (Corporate Counsel) How can your breach turn into a securities law violation? The answer may be "via whistleblower"

The fall of the Encryptor RaaS also thanks to Shodan (Security Affairs) Law enforcement and security experts have dismantled the Encryptor RaaS architecture by localizing one of its servers with Shodan

Spy fraud (Vice) Taxpayers are paying intelligence contractors to browse Facebook, watch porn, and commit crimes

Enigma Software Group Files Suit Against Malwarebytes (PRLeap) Enigma Software Group USA, LLC (ESG) filed a complaint in federal court in New York today against competing anti-malware provider Malwarebytes Inc. The complaint, available here, alleges false advertising, unfair competition, and tortious interference with contractual relations

For a complete running list of events, please visit the Event Tracker on the CyberWire website.

Newly Noted Events

18th Annual AT&T Cybersecurity Conference (New York, New York, USA, October 24 - 25, 2016) Countless cyberthreats circle your organization every second of every day. While your organization utilizes more mobile, IoT and emerging technologies, attackers simply focus on more ways to exploit them.

TECHEXPO Cyber Security Hiring Event (Tysons Corner, Virgina, USA, June 30, 2016) Cyber security professionals are invited to interview face-to-face with employers including The CIA, Deloitte, Intel Security, Northrop Grumman, Lockheed Martin, Deloitte, Vencore and many more. Hundreds...

Upcoming Events

Insider Threat Program Development Training For NISPOM CC 2 (Aberdeen, Maryland, USA, August 10 - 11, 2016) Insider Threat Defense will hold a two-day training class on Insider Threat Program Development (National Insider Threat Policy-NISPOM Conforming Change 2). For a limited time the training is being offered...

TU-Automotive Cyber Security Europe (Munich, Bayern, Germany, October 6 - 7, 2016) The most focussed forum on the ‘here and now’ of automotive cybersecurity. As we are inundated by headlines on cyber-attacks, we go beyond the hype to focus on the current challenges and solutions that...

AFCEA CyberSecurity Summit (Washington, DC, USA, October 11 - 12, 2016) AFCEA Washington, DC invites you to attend the 7th Annual Cybersecurity Summit on October 11–12, 2016. This two-day summit will feature keynotes from government leaders, thought-provoking discussion panels,...

AppSecUSA 2016 (Washington, DC, USA, October 11 - 14, 2016) OWASP’s 13th Annual AppSecUSA Security Conference is the premier application security conference for developers and security experts. Come hear an amazing group of inspirational speakers—including YouTube’s...

Cyber Security Summit 2016 (Aukland, New Zealand, May 5, 2016) New Zealand’s first Cyber Security Summit will be held in Auckland on 5 May 2016. The theme is “Keeping New Zealand’s Economy Cyber Secure”. Hosted by the Minister for Communications Hon Amy Adams, the...

Tech Talk: Blockchain & Bitcoin (Laurel, Maryland, USA, October 17, 2016) Join Novetta and Chainanalysis at Jailbreak Brewery to learn about Bitcoin, a digital currency, and Blockchain, the technology that makes it all work. Rub elbows with like-minded techies and enjoy ice...

Insider Threat Program Development Training for NISPOM CC 2 (Warrington, Pennsylvania, USA, October 17 - 18, 2016) Insider Threat Defense will hold a two-day training class on Insider Threat Program Development (NISPOM Conforming Change 2). PA. For a limited time the training is being offered at a discounted rate of...

Cyber Ready 2016 (McDill Air Force Base, Florida, USA, October 18, 2016) We invite you to join us for our first annual Cyber ReadyTM 2016 conference observing National Cyber Security Awareness Month: The Impact of Cyber Crime. The National Cyber Partnership, joined by the MITRE MITRE National Capture the Flag (CTF) Competition Cyber Challenge Awards Ceremony.

EDGE2016 Security Conference (Knoxville, Tennessee, USA, October 18 - 19, 2016) The EDGE2016 conference is where true collaboration between business and technology professionals happens. Combining engaging keynotes from world-renowned visionaries, recognized technology industry leaders,...

SecureWorld St. Louis (St. Louis, Missouri, USA, October 18 - 19, 2016) Join your fellow security professionals for affordable, high-quality cybersecurity training and education. Earn 12-16 CPE credits through 60+ educational elements learning from nationally recognized industry...

CyberTini at CyberMaryland (Baltimore, Maryland, USA, October 19, 2016) The bwtech@UMBC Cyber Incubator will be hosting a CyberTini as the official opening event of the CyberMaryland Conference on the evening of October 19, 2016 at the Columbus Center in Baltimore’s Inner...

Los Angeles Cyber Security Summit (Los Angeles, California, USA, October 28, 2016) The Cyber Security Summit is an exclusive conference series connects C-Suite & Senior Executives who are responsible for protecting their companies’ critical infrastructures with innovative solution providers...

Insider Threat Program Development Training For NISPOM CC 2 (Aberdeen, Maryland, USA, August 10 - 11, 2016) Insider Threat Defense will hold a two-day training class on Insider Threat Program Development (National Insider Threat Policy-NISPOM Conforming Change 2). For a limited time the training is being offered...

CyberMaryland 2016 (Baltimore, Maryland, USA, October 20 - 21, 2016) The CyberMaryland Conference is an annual two-day event presented jointly by The National Cyber Security Hall of Fame and Federal Business Council (FBC) in conjunction with academia, government and private...

CyCon US: International Conference on Cyber Conflict (Washington, DC, USA, October 21 - 23, 2016) The inaugural U.S. based International Conference on Cyber Conflict will take place 21-23 October 2016 in Washington D.C. Focusing on a theme of Protecting the Future. CyCon U.S. seeks to create greater...

SANS San Diego 2016 (San Diego, California, USA , October 23 - 28, 2016) Cyber security training in San Diego, CA from SANS Institute, the global leader in information security training. Choose from nine hands-on, immersion-style training courses for security professionals...

Insider Threat Program Development Training For NISPOM CC 2 (Aberdeen, Maryland, USA, August 10 - 11, 2016) Insider Threat Defense will hold a two-day training class on Insider Threat Program Development (National Insider Threat Policy-NISPOM Conforming Change 2). For a limited time the training is being offered...

2016 ICS Cyber Security Conference (Atlanta, Georgia, USA, October 24 - 27, 2016) As the largest and longest-running cyber security-focused conference for the industrial control systems sector, the event caters to the energy, utility, chemical, transportation, manufacturing, and other...

14th Annual EWF National Conference (Scottsdale, Arizona, USA, October 25 - 27, 2016) Balancing risk and opportunity: transforming cybersecuity; risk and privacy beyond the enterprise. The Executive Women's Forum (EWF) Annual Conference provides an exclusive opportunity to personally interact...

SecureWorld Bay Area (San Jose, California, USA, October 27, 2016) Join your fellow security professionals for affordable, high-quality cybersecurity training and education. Earn 6-12 CPE credits through 30+ educational elements learning from nationally recognized industry...

Security By Design (McLean, Virginia, USA, October 28, 2016) The essential security conference for all who desire to build trustworthy software. Developers, DevOps Engineers, Software Architects, Security Software Engineers, Designers and more.

Regional Cyber Security Summit (Sharm El-Sheikh, Egypt, October 30 - November 1, 2016) The Regional Cyber Security Summit comes this year with the theme of “Boundless Collaboration, Boundless Protection”. It focuses on the cooperation in cybersecurity as one of key pillars to tackle the...

Grow your brand and reach new customers.

Grow your brand and increase your customer base by educating our audience about your products, services, and events by advertising on The CyberWire. We’ve built trust with an influential (and often hard to reach) audience of CISOs, CSOs, and other senior execs in the security space, across a wide array of industry verticals. Learn more.

Be a part of the CyberWire story.

People ask us (a lot) how they can support what we do. We have our sponsorships and services, of course, but those are not always within every supporter's financial reach, or it might just not be the right time for you to do those things. That's why we launched our new Patreon site, where we've created a wider variety of support levels, each with some new benefits. Our patrons are important to our future, and we hope you'll consider becoming one. We invite you to become part of the CyberWire story. Become a patron today.